- All Exams Instant Download
Which benefit do policy rule UUlDs provide?
Which benefit do policy rule UUlDs provide?A . An audit trail across a policy's lifespan B. Functionality for scheduling policy actions C. The use of user IP mapping and groups in policies D. Cloning of policies between device-groupsView AnswerAnswer: A
What are three valid parameters of an SSL Decryption policy?
An engineer is tasked with enabling SSL decryption across the environment. What are three valid parameters of an SSL Decryption policy? (Choose three.)A . URL categories B. source users C. source and destination IP addresses D. App-ID E. GlobalProtect HIPView AnswerAnswer: A,B,C
What can be used to create dynamic address groups?
What can be used to create dynamic address groups?A . dynamic address B. region objects C. tags D. FODN addressesView AnswerAnswer: C
What two methods can be used to pull this data from third party proxies?
An engineer needs to collect User-ID mappings from the company's existing proxies. What two methods can be used to pull this data from third party proxies? (Choose two.)A . Syslog B. XFF Headers C. Client probing D. Server MonitoringView AnswerAnswer: A,B
Which sessions does Packet Buffer Protection apply to?
An engineer is configuring Packet Buffer Protection on ingress zones to protect from single-session DoS attacks. Which sessions does Packet Buffer Protection apply to?A . It applies to existing sessions and is not global B. It applies to new sessions and is global C. It applies to new sessions and...
Which statement about High Availability timer settings is true?
Which statement about High Availability timer settings is true?A . Use the Moderate timer for typical failover timer settings. B. Use the Critical timer for taster failover timer settings. C. Use the Recommended timer tor faster failover timer settings. D. Use the Aggressive timer for taster failover timer settingsView AnswerAnswer:...
When performing an upgrade on Panorama to PAN-OS 10.2, what is the potential cause of a failed install?
The decision to upgrade to PAN-OS 10.2 has been approved. The engineer begins the process by upgrading the Panorama servers, but gets an error when trying to install. When performing an upgrade on Panorama to PAN-OS 10.2, what is the potential cause of a failed install?A . Management only mode...
Which dynamic role does the administrator assign to the new-hire colleague?
An administrator wants to grant read-only access to all firewall settings, except administrator accounts, to a new-hire colleague in the IT department. Which dynamic role does the administrator assign to the new-hire colleague?A . Device administrator (read-only) B. System administrator (read-only) C. Firewall administrator (read-only) D. Superuser (read-only)View AnswerAnswer: A
Which GlobalProtect component must be configured to enable Clientless VPN?
Which GlobalProtect component must be configured to enable Clientless VPN?A . GlobalProtect satellite B. GlobalProtect app C. GlobalProtect portal D. GlobalProtect gatewayView AnswerAnswer: C Explanation: Creating the GlobalProtect portal is as simple as letting it know if you have accessed it already. A new gateway for accessing the GlobalProtect portal...
What is a common obstacle for decrypting traffic from guest devices?
An organization wishes to roll out decryption but gets some resistance from engineering leadership regarding the guest network. What is a common obstacle for decrypting traffic from guest devices?A . Guest devices may not trust the CA certificate used for the forward untrust certificate. B. Guests may use operating systems...
